May 20, 2024
Via REUTERS/Damir Sagolj

Recent findings from the US-based cybersecurity firm Volexity reveal alarming cyberattack campaigns targeting the Tibetan, Uyghur, and Taiwanese communities. The detailed report underscores the discreet implantation of malware within legitimate mobile applications, granting hackers clandestine access to the victims’ devices.

Attributed to the threat actor EvilBamboo, previously known as Evil Eye, these cyber operations have reportedly been in the interests of the Chinese state. This group is deploying malware types named BADSIGNAL, BADBAZAAR, and BADSOLAR. Apart from basic device data, this malware can access users’ Ethereum accounts via the MetaMask browser extension and even fingerprint browsers.

Volexity’s report, cited by Cybernews, has identified an array of fake websites devised to distribute this malware. These include signalplus.org, allwhatsapp.net, flygram.org, groupgram.org, ignitetibet.net, uyghurinfo.net, and tw.tinmf.org. These websites, while appearing genuine, often camouflage themselves with content related to Taiwan’s independence and, in some cases, leverage custom JavaScript profiling frameworks.

Furthermore, the cyber attackers have expanded their reach to social media, creating impostor profiles to distribute malicious content. Notably, the Telegram groups “Tibetanmaptalk” and “Tibetanphone” have been found disseminating malware-embedded applications. “Since 2020, we’ve tracked EvilBamboo’s persistent focus on the Tibetan community, deploying Android spyware. Over 120 compromised Android Package Kits have been shared via such groups,” a Volexity researcher said.

One of the most concerning aspects is the hackers’ precision in targeting individuals who communicate in lesser-supported languages, such as Tibetan or Uyghur. For instance, one malicious post found on the “Tibetanmaptalk” Telegram channel sought a Tibetan translation of the backdoored AlpineQuest map software.

As the digital landscape evolves, so do the threats. Experts from the cybersecurity domain are urging individuals to exercise caution, emphasizing the importance of downloading apps solely from verified sources, and remaining skeptical of unsolicited communications.
